Todokan
Pass
Audited by ClawScan on May 1, 2026.
Overview
This instruction-only Todokan skill appears coherent and disclosed, but it can access and change your Todokan data if you give it a planner API key.
Before installing, decide whether the agent really needs the full planner endpoint or whether the worker endpoint is enough. Use a dedicated Todokan API key, approve writes and deletes only after reviewing the draft or confirmation, avoid storing secrets in tasks/documents, and enable polling only if you want ongoing update checks.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved with a full-access endpoint, the agent can change or permanently delete Todokan items.
The skill exposes task, board, habitat, and document mutation tools, including deletion, but the instructions also require orientation and confirmation before writes.
Writing (only after orientation + confirmation) ... create_task / create_board / create_habitat ... update_task ... delete_task → Only after explicit confirmation
Review task/document drafts and delete confirmations carefully, and use the lower-privilege worker endpoint when read-only access plus comments is enough.
The permissions granted to the API key determine how much of your Todokan account the agent can read or modify.
The integration requires a Todokan API key and can be configured for either full CRUD access or lower-privilege worker access.
URL: `https://todokan.com/mcp` (planner, full CRUD) or `https://todokan.com/mcp-worker` (read + comments) ... Authentication: Pass `TODOKAN_API_KEY` via the `Authorization: Bearer` header
Create a dedicated Todokan key with the minimum access needed, prefer the worker endpoint unless full edits are required, and revoke the key when no longer needed.
Sensitive or inaccurate information could become stored in Todokan and later reused in summaries or searches.
The skill may persist content from other sources into Todokan tasks or documents for later search and review, while also warning against storing sensitive data.
When storing content from external research (web, files, other tools) in Todokan, note the source ... Do not store passwords, API keys, tokens, or personal data in task titles or descriptions.
Do not store secrets or unnecessary personal data in Todokan, and review document/task drafts before approving storage.
If configured, the agent may repeatedly check Todokan for updates and retain a last-seen checkpoint.
The README describes an optional recurring polling workflow with persistent checkpoints, which is disclosed and purpose-aligned but should be enabled intentionally.
Use `get_events_since` on an interval (for example every 15 minutes): 1. Persist last checkpoint timestamp (`since`) ... 4. Save returned `until` as next checkpoint
Enable polling only if you want ongoing monitoring, choose an appropriate interval, and store checkpoints in a known location.
